Experience with the IBM QRadar Security Information and Event Management platform.
Candidate is expected to have at least 2 years of hands-on operational experience.
Hands-on development of parsers, LSX (Log Source Extensions), and DSMs (Device System Modules) for acquiring log sources is required.
Experience developing parsers for COTS and custom application logs. Experience developing event correlation with logic based on critical security events.
Log source integration, use case development and implementation, performance optimization, reporting, and dashboard configuration are essential responsibilities.
Experience with Sourcefire Intrusion Prevention or other relevant Intrusion Prevention technology is required. Experience with Python programming is highly desirable, but not required.
Possess a broad understanding of the following systems/skill sets:
- System hardening concepts and techniques
- Network and secure remote access controls
- Virtualization technologies (VMware, VLANs, Hypervisors)